Browser Poisoning - Your New Threat to WiFi Security

WiFi hotspots are really cherished spaces these days; if a coffee shop, an airport, doesn't have one, or if it isn't good enough or fast enough, you'd think about changing your custom or picking a different airport. But hotspots are public networks, and the kind of threats they pose to your computer as you innocently log on, are really serious ones, and they multiply by the day. One of the newest ways WiFi security can be threatened, is through browser poisoning. That's when another user on the hotspot hacks into your computer and changes the settings on your browser so that he can put before you a fake webpage, that sends him information.

It is actually very simple for an experienced hacker on a WiFi or 802.11 network; browsers use a JavaScript file, that is terribly easy prey. Something called a JavaScript cache control header is a permanent part of your browser, and can be infected so that everywhere you open the computer, long after you've left a hotspot, your information no longer belongs to you. The hacker can, through the Internet, remotely walk in and out of your computer, and any network your computer is connected to as he pleases. They call this browser-cache poisoning; every time you ask for a specific website, the attacker can, over the Internet, send you an alternative one. The very URL you visit can become poisoned on that particular computer. Alternatively, they can steal all your information whenever you happen to be on a VPN. But there is a cure, if you actually recognize that you are under attack. The poisoned browser cache, has just to be emptied, and the problem disappears. The procedure of how you do this is not always the same on every browser, and sometimes, people just lose their way and give up.

The solution for now, is to keep your high security company laptop untainted by outside WiFi networks. This plaan could work if companies could prohibit users from ever connecting the laptop outside of the company network. Of course, it isn't going to win the management any popularity contests this way. The Black hat security conference in January, had plenty of insights of this kind this year. And they came down really heavily on all things Adobe Flash. So how exactly does browser cache poisoning work? When you visit a website, your browser routinely tries to store a few parts of the website away in its cache, to help speed things up the next time you come over. So here is this folder that the browser can store things in. There is nothing that stops an attacker from storing things in there too. Once that is done, your browser will read the cache the next time you visit that website, read the malicious software that the attacker placed there, and head off on a tangent.

But since there is a simple solution to it, in clearing your cache every time you leave a public hotspot, your WiFi security should still be somewhat safe on.